The IRMA Community
Newsletters
Research IRM
Click a keyword to search titles using our InfoSci-OnDemand powered search:
|
Information Security Effectiveness: Conceptualization and Validation of a Theory
Abstract
Taking a sequential qualitative-quantitative methodological approach, we propose and test a theoretical model that includes four variables through which top management can positively influence security effectiveness: user training, security culture, policy relevance, and policy enforcement. During the qualitative phase of the study, we generated the model based on textual responses to a series of questions given to a sample of 220 information security practitioners. During the quantitative phase, we analyzed survey data collected from a sample of 740 information security practitioners. After data collection, we analyzed the survey responses using structural equation modeling and found evidence to support the hypothesized model. We also tested an alternative, higher-order factor version of the original model that demonstrated an improved overall fit and general applicability across the various demographics of the sampled data. We then linked the finding of this study to existing top management support literature, general deterrence theory research, and the theoretical notion of the dilemma of the supervisor.
Related Content
.
© 2023.
34 pages.
|
.
© 2023.
15 pages.
|
.
© 2023.
15 pages.
|
.
© 2023.
18 pages.
|
.
© 2023.
24 pages.
|
.
© 2023.
32 pages.
|
.
© 2023.
21 pages.
|
|
|